Please Rewrite

TDES AND AES ENCRYPTION

Name

Professor

Institution

Date

From this case scenario, it is certain that Andrea never intended to send any money to Brandon. It is highly likely that Brandon is the source of the fraud. He could be the intruder that manipulated Andrea’s private key to transact as her.

Most of the time, cryptographic vulnerabilities are exploited in the implementation method and not the cipher itself. The first thing to remember is that the standard 56-bits is no longer viable. It has been broadly discredited because decrypt analyze computers in modern day world are too fast and with brute force decryption, can compromise it in any way. This has led to an adoption of Triple DES, naturally increases the strength of the strength of the cipher (Nemati & Yang, 2011). One additional thing that ANB could have done would be to be to use 3DES plus another cipher. Therefore, two keys must be maintained, which will be used on the 3DES plus the other cypher. A good example would be the NOT BLOCK cipher, or if they use a block cipher, they should ensure that it is of a different size and most importantly, the identity of the other cipher should be kept undisclosed.

ANB could also could also have come up with a Key replacement policy, which is a product of threat analysis. A thorough threat analysis should be performed before the implementation of the 3DES. Worth noting is that a threat analysis should be differentiated from a vulnerability analysis because, one may be very vulnerable in a place where there is no great benefit to the intruder, which is of no great concern. Alternatively, there could be great benefits that may require resources that the intruder may lack. A threat analysis is therefore necessary before a key replacement policy is developed.

If AES was used instead of triple DES, this controversy would not have occurred. AES is an advancement of triple DES. AES like 3DES uses a block cipher, where by the plain text is divided into blocks. DES is divided into 64 bits per block, and AES is twice the size, i.e. 128 bits per block. In the end, there will be a cypher text which will be as long as the plain text. Every 128-bits are therefore encrypted with AES, all using the same key. Breaking down AES, one will realize that it is a combination of the basic, recognized primitives of cryptography: substitution, transposition and bit-wise operation. The concept of repetition was however changed in AES. The output of a relatively simple cipher can be used as a plaintext to another relatively simple cypher, whose output will be used in yet a third cypher and so on. Despite the fact that the building blocks are relatively simple, if these ciphers are combined together, the overall cipher is robust (Nemati & Yang, 2011), thus reducing any chances of intrusion.

AES encryption protocol is also a standard. This means that it gets a lot of attention from the cryptographic community, and therefore professionals in cryptanalysis will be continuously testing and monitoring the protocol. A lot of intellectual capital is spent in maintaining the protocol ensuring that it stays strong and is reliable over time. Other encryption methods like 3DES which may still be good encryption methods may not get the attention that a standard protocol does. With AES comes a guaranteed assurance that the protocol is constantly being evaluated to understand and eliminate any weaknesses so that confidentiality is improved. Besides being a standard, NIST published a testing protocol for the encryption algorithm. This means that anyone who implements AES encryption can subject their work to intensive testing through NIST and their designated independent labs. Testing protocols may reveal any errors and give credibility to the fact that the protocol has been correctly implemented. These factors point out to the inference that with AES, such a scenario that happened with BBQ could not have happened.

Reference:

Nemati, H. & Yang, L. (2011). Applied cryptography for cyber security and defense. Hershey, PA: Information Science Reference.